Trinsic’s next generation platform delivers decentralized identity infrastructure that is not tied to a specific ledger. In the world of decentralized identity, this may seem like a surprise, but it’s actually a huge win for product developers. This post will dig into a few reasons why Trinsic went ledger-less by default.
Adoption of Decentralized Identity Is Our Goal
At Trinsic, we prioritize building a platform that helps IDtech product builders to get significant end user adoption for their solutions. In order for any technology to reach mass adoption, it needs to be fast, cheap, and reliable. Most blockchains, at the moment, are often compromised on at least one of those characteristics, so we designed a solution that would be ledger agnostic.
How Decentralized Identity Works without Blockchain
Keys and data are the underpinning of a decentralized identity system. While blockchains and cryptocurrency have brought more attention than ever to the idea of public/private keys, the concept of using these key pairs to prove who you are on the internet has been around since the 90s. PGP (Pretty Good Privacy) used public private key pairs to encrypt and verify that an email was sent from a specific identity.
Trinsic’s Approach to Decentralized Identifiers (DIDs)
Current decentralized identity systems use decentralized identifiers, or DIDs, to establish and verify identities of the users exchanging information. Usually, a “flavor” of decentralized identity is tied to a specific DID method. For example, the Hyperledger flavor is tied to did:sov and did:indy methods. There are over 100 registered DID methods ranging from simple to extremely complex to implement.
When developing the Trinsic Ecosystems platform, we wanted to use the simplest possible approach by default that would allow builders to layer in additional features and complexity as needed by use case. We use the did:key method which is a lightweight, ledger-less DID method allowing users to created decentralized identifiers without the need to pay ledger fees or wait for a blockchain.
Using Trust Registries and Verified Domains to Build Your Ecosystem
Trusted issuers are often the foundation of an ecosystem, acting as the source of the data inside wallets of the holders. For example, a trusted issuer might be a professional licensing entity who wants to issue verifiable credentials to people who obtain a certification. For an IDtech company who is building a trust ecosystem, you want it to be clear to the participants in your ecosystem that the issuers are trustworthy.
There are two ways you can create trust in Trinsic Ecosystems. The first is by implementing a trust registry which outlines who can issue and verify certain credentials. For example, your trust registry could specify that only the DID of the professional licensing organization is allowed to issue a certification. Second, the licensing organization can verify their domain name allowing users to see that the credentials were issued by a trusted entity. The did:web specification allows for this to happen in a standardized manner, creating outputs that are legible by any system abiding by the specification.
When Might You Want to Anchor DIDs on a Blockchain?
While Trinsic Ecosystems is ledger-less by default, we provide the option to upgrade DIDs to a blockchain if this would be desirable for your use case. We currently support did:ion with plans to support many more DID methods in the near future. Here are a couple reasons you may want to upgrade DIDs to be anchored on a decentralized ledger:
- If you value persistence and censorship resistance, both of which could be at risk if you tie a DID to a domain name
- If you want to provide your users full ownership and portability of their identities
Blockchains provide a level of censorship resistance, interoperability, and persistence that would not be possible if your identity were tied to something like a domain registrar. While upgrading a DID to a blockchain often has a small cost associated with it, the ledger fee could be a fraction of registering a domain name and paying a yearly fee.
In reality, most of the IDtech builders that utilize Trinsic are building products that do not require this level of persistence, censorship resistance, and ownership when they’re first starting out. Luckily, our platform was built in a modular way, so you can start building your solution quickly and simply, while maintaining the option to upgrade DIDs at any time.
Three Practical Reasons to Consider Starting with Ledger-less DIDs
- Performance of blockchain-based solutions can be hit or miss. Depending on your choice of blockchain, you may end up with a costly or slow solution that is not ready for real-world implementation.
- It might be easier to gain adoption if you’re using widely-accepted web standards instead of blockchains. This is especially true if the benefits of decentralization aren’t applicable to your use case.
- Starting with a ledger-less solution allows you to have optionality down the line about how you roll out your solution. We are in the early days of seeing IDtech companies use web2, web3, and web5 technologies to solve identity problems. Building on Trinsic means you don’t have to pick a winner and can stay open as technology develops.
Digital Identity Spanning the Decentralization Spectrum
Using decentralized identifiers and verifiable credentials, you can create platforms, products, and experiences that incorporate varying levels of decentralization. The Trinsic Ecosystems platform was created in a modular way, so IDtech builders can tailor their solutions to the needs of their use case, without being locked into a particular technology stack. If you’re curious to learn more, you can sign up for free access to Trinsic Ecosystems, or check out our documentation.